Browse Source

Keccakf circuit implemented

master
arnaucube 3 years ago
parent
commit
4153b516f0
4 changed files with 94 additions and 3 deletions
  1. +31
    -0
      circuits/keccak256.circom
  2. +13
    -2
      go-keccak256-bits-impl/keccak_test.go
  3. +5
    -0
      test/circuits/keccakf_test.circom
  4. +45
    -1
      test/keccak256.js

+ 31
- 0
circuits/keccak256.circom

@ -64,3 +64,34 @@ template KeccakfRound(r) {
out[i] <== iota.out[i]; out[i] <== iota.out[i];
} }
} }
template Keccakf() {
signal input in[25*64];
signal output out[25*64];
var i;
var j;
// 24 rounds
component round[24];
signal midRound[24*25*64];
for (i=0; i<24; i++) {
round[i] = KeccakfRound(i);
if (i==0) {
for (j=0; j<25*64; j++) {
midRound[j] <== in[j];
}
}
for (j=0; j<25*64; j++) {
round[i].in[j] <== midRound[i*25*64+j];
}
if (i<23) {
for (j=0; j<25*64; j++) {
midRound[(i+1)*25*64+j] <== round[i].out[j];
}
}
}
for (i=0; i<25*64; i++) {
out[i] <== round[23].out[i];
}
}

+ 13
- 2
go-keccak256-bits-impl/keccak_test.go

@ -92,8 +92,19 @@ func TestKeccakf(t *testing.T) {
15083668107635345971}) 15083668107635345971})
// compute again keccakf on the current state // compute again keccakf on the current state
// s = keccakf(s)
// qt.Assert(t, bitsToU64Array(s[:]), qt.DeepEquals, []uint64{})
s = keccakf(s)
qt.Assert(t, bitsToU64Array(s[:]), qt.DeepEquals,
[]uint64{269318771259381490, 15892848561416382510,
12485559500958802382, 4360182510883008729,
14284025675983944434, 8800366419087562177, 7881853509112258378,
9503857914080778528, 17110477940977988953,
13825318756568052601, 11460650932194163315,
13272167288297399439, 13599957064256729412,
12730838251751851758, 13736647180617564382,
5651695613583298166, 15496251216716036782, 9748494184433838858,
3637745438296580159, 3821184813198767406, 15603239432236101315,
3726326332491237029, 7819962668913661099, 2285898735263816116,
13518516210247555620})
} }
func TestFinal(t *testing.T) { func TestFinal(t *testing.T) {

+ 5
- 0
test/circuits/keccakf_test.circom

@ -0,0 +1,5 @@
pragma circom 2.0.0;
include "../../circuits/keccak256.circom";
component main = Keccakf();

+ 45
- 1
test/keccak256.js

@ -300,7 +300,7 @@ describe("Keccak-Pad test", function () {
}); });
}); });
describe("keccakf test", function () {
describe("keccakfRound test", function () {
this.timeout(100000); this.timeout(100000);
// apt install nlohmann-json3-dev // apt install nlohmann-json3-dev
@ -346,3 +346,47 @@ describe("keccakf test", function () {
assert.deepEqual(stateOutU64, expectedOut); assert.deepEqual(stateOutU64, expectedOut);
}); });
}); });
describe("keccakf test", function () {
this.timeout(100000);
it ("keccakf 1 (testvector generated from go)", async () => {
// const cir = await wasm_tester(path.join(__dirname, "circuits", "keccakf_test.circom"));
const cir = await c_tester(path.join(__dirname, "circuits", "keccakf_test.circom"));
await cir.loadConstraints();
console.log("n_constraints", cir.constraints.length);
const input = [0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24];
const expectedOut = strsToBigInts(["9472389783892099349", "2159377575142921216", "17826682512249813373", "2325963263767348549", "15086930817298358378", "11661812091723830419", "3517755057770134847", "5223775837645169598", "933274647126506074", "3451250694486589320", "825065683101361807", "6192414258352188799", "14426505790672879210", "3326742392640380689", "16749975585634164134", "17847697619892908514", "11598434253200954839", "6049795840392747215", "8610635351954084385", "18234131770974529925", "15330347418010067760", "12047099911907354591", "4763389569697138851", "6779624089296570504", "15083668107635345971"]);
const stateIn = u64ArrayToBits(input);
const expectedOutBits = u64ArrayToBits(expectedOut);
const witness = await cir.calculateWitness({ "in": stateIn }, true);
const stateOut = witness.slice(1, 1+(25*64));
const stateOutU64 = bitsToU64Array(stateOut);
// console.log(stateOutU64, expectedOut);
assert.deepEqual(stateOutU64, expectedOut);
});
it ("keccakf 2 (testvector generated from go)", async () => {
// const cir = await wasm_tester(path.join(__dirname, "circuits", "keccakf_test.circom"));
const cir = await c_tester(path.join(__dirname, "circuits", "keccakf_test.circom"));
await cir.loadConstraints();
console.log("n_constraints", cir.constraints.length);
const input = strsToBigInts(["9472389783892099349", "2159377575142921216", "17826682512249813373", "2325963263767348549", "15086930817298358378", "11661812091723830419", "3517755057770134847", "5223775837645169598", "933274647126506074", "3451250694486589320", "825065683101361807", "6192414258352188799", "14426505790672879210", "3326742392640380689", "16749975585634164134", "17847697619892908514", "11598434253200954839", "6049795840392747215", "8610635351954084385", "18234131770974529925", "15330347418010067760", "12047099911907354591", "4763389569697138851", "6779624089296570504", "15083668107635345971"]);
const expectedOut = strsToBigInts(["269318771259381490", "15892848561416382510", "12485559500958802382", "4360182510883008729", "14284025675983944434", "8800366419087562177", "7881853509112258378", "9503857914080778528", "17110477940977988953", "13825318756568052601", "11460650932194163315", "13272167288297399439", "13599957064256729412", "12730838251751851758", "13736647180617564382", "5651695613583298166", "15496251216716036782", "9748494184433838858", "3637745438296580159", "3821184813198767406", "15603239432236101315", "3726326332491237029", "7819962668913661099", "2285898735263816116", "13518516210247555620"]);
const stateIn = u64ArrayToBits(input);
const expectedOutBits = u64ArrayToBits(expectedOut);
const witness = await cir.calculateWitness({ "in": stateIn }, true);
const stateOut = witness.slice(1, 1+(25*64));
const stateOutU64 = bitsToU64Array(stateOut);
// console.log(stateOutU64, expectedOut);
assert.deepEqual(stateOutU64, expectedOut);
});
});

Loading…
Cancel
Save